727512
U2.1 Cables, Hubs, Sniffers
- Protocol for Ethernet
- CSMA/CD
- Carrier Sense
- before sending, device checks to
see if there is another device using
network, if yes, it waits
- before sending, device checks to
see if there is another device using
network, if yes, it waits
- multiple access
- any device can use
network when it is free
- any device can use
network when it is free
- collision detection
- after detecting
collision, wait a
random delay
- if collision detected again,
wait 2x as long and check
(called "expontential backoff")
- if collision detected again,
wait 2x as long and check
(called "expontential backoff")
- after detecting
collision, wait a
random delay
- Carrier Sense
- CSMA/CD
- cabling
- thick ethernet
- 10BASE 5, 10 Mbps, 500m
- 10BASE 5, 10 Mbps, 500m
- thin ethernet
- 10BASE2, 10Mbps, 200m
- 10BASE2, 10Mbps, 200m
- unshielded twisted pair
- 10BASE-T, 100-BASE -T, T=twisted pair
- Cat 1 telephone
- Cat 3, 10Mbps
- Cat 5, 100Mbps
- Cat5e, 1000Mbps
- Cat 1 telephone
- 10BASE-T, 100-BASE -T, T=twisted pair
- shielded twisted pair
- Used for token ring, good for high interference
- Used for token ring, good for high interference
- fibre-optic
- 1000 Mbps or higher
- 1000 Mbps or higher
- wireless LAN
- Not type of cabling, but often used instead of. 11-150Mbps
- Not type of cabling, but often used instead of. 11-150Mbps
- OSI layer 1
- 4 fundamental threats
- information leakage
- integrity violation
- denial of service
- illegitimate use
- safeguards
- run cable through protective trunking
- lockable, dedicated network closets
- add electromagnetic shielding to cabling
- run cabling through trunking with pressurized gas, have alarms for pressure loss
- run cable through protective trunking
- information leakage
- thick ethernet
- hubs
- types
- dumb
- intelligent
- regenerate
signals for long
network cables
- monitor congestion,
send alarms
- remote monitoring
- regenerate
signals for long
network cables
- dumb
- switched network (see note)
- types
- network interface card (NIC)
- listening modes
- non-promiscuous
- only listens to
traffic targeted
for that device
- only listens to
traffic targeted
for that device
- promiscuous
- listens to all
traffice on the
network
- listens to all
traffice on the
network
- non-promiscuous
- Physical interface
that allows a device
to listen to network
traffice
- listening modes
- sniffer
- device
listening to
all traffic on a
network
- detection
- method 1
- 1.send large volume of
packets to non-existing
network address
- 2. send an ICMP request to
suspect device. If device is
sniffing, it will be overwhelmed.
- 1.send large volume of
packets to non-existing
network address
- method 2
- 1. Send packet to unused
IP address on network
- 2. Sniff network to see if any
devices try to resolve DNS name
- 1. Send packet to unused
IP address on network
- method 1
- device
listening to
all traffic on a
network
- examples
- thin ethernet
- coaxial cable
- build network by
daisychaining
nodes
- computers
connect
directly to
network cable
- computers
connect
directly to
network cable
- vulnerabilities
- when one cable
is damaged, the
whole network
fails
- all devices
on network
receive data
- easy to
attach
addtional
devices
- when one cable
is damaged, the
whole network
fails
- coaxial cable
- 10BASE-T
- connects devices
to network via hub
(see note)
- vulnerabilities
- all devices on network
receive data (hub
broadcasts)
- easy to attach
additional
devices
- all devices on network
receive data (hub
broadcasts)
- connects devices
to network via hub
(see note)
- thin ethernet
Want to create your own Mind Maps for free with GoConqr? Learn more.